Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ecostruxure_foxboro_dcs_control_core_services
(Schneider\-Electric)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 5 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-07-11 | CVE-2024-5679 | CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. | Ecostruxure_foxboro_dcs_control_core_services | 7.1 | ||
2024-07-11 | CVE-2024-5680 | CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. | Ecostruxure_foxboro_dcs_control_core_services | 5.5 | ||
2024-07-11 | CVE-2024-5681 | CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. | Ecostruxure_foxboro_dcs_control_core_services | 7.8 | ||
2023-06-14 | CVE-2023-2569 | A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. | Ecostruxure_foxboro_dcs_control_core_services | 7.8 | ||
2023-06-14 | CVE-2023-2570 | A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an unpredictable index to an IOCTL call in the Foxboro.sys driver. | Ecostruxure_foxboro_dcs_control_core_services | 7.8 |